Obstruction accesses are increasing such as an attack in which a plurality of computers distributed in a network transmit packets to a specific server in unison so as to flood communication routes and stop the functions. As a technique to prevent such an obstruction access, there is a harmful packet removal apparatus. For example, the harmful packet removal apparatus includes a function for receiving a packet addressed to a specific server, determining whether the packet is a harmful packet for attacking, and transferring only a packet other than the harmful packet.
For example, in a case where a service provider provides a network access service to a customer such as an ISP (Internet service provider) based on a network configuration shown in FIG. 1 and harmful traffic is distributed to a network apparatus such as a server in the customer network via a network of the service provider, harmful packets can be removed in the service provider side by providing the harmful packet removal apparatus in the service provider side.
By the way, as an example of conventional technique related to harmful packet removal, there is a technique described in the patent document 1 for identifying and controlling an attacking flow that matches a specific bit pattern.    [Patent document 1] Japanese Laid-Open Patent application No. 2006-067078